<?php

require_once "permission_config.php";

class permission {

	var $PERMISSIONS;
	var $P_GROUP;

	function permission() {
		global $PERMISSIONS;
		$this->PERMISSIONS = $PERMISSIONS;
		$this->P_GROUP = $P_GROUP;
	}

	function create_accessmask($group_id, $permission) {
		$permission = array_flip($permission);
		$accessmask = str_repeat("0", count($permission));
		while (list($k, $v) = each($this->PERMISSIONS[$group_id])) {
			$flag = (isset($permission[$k]) ? "1" : "0");
			$accessmask[$k] = $flag;
		}
		return $accessmask;
	}
	
	function check_permission($group_id, $permission_id) {
		global $role_id;
		$accessmask = $this->get_accesssmask($role_id, $group_id);
                return (bool)$accessmask[$permission_id];
        }
        
        // 限于检查当前登录用户是否具有某个权限组的任一权限
        function check_grouppermission($group_id){
        	global $DB;
                if(!$group_id) {
                	return false;
                }
                $role_id = $_SESSION['admininfo']['role_id'];
                $sql = "SELECT * FROM roles2permission
				WHERE group_id='$group_id'
					AND role_id='$role_id'
				";
		return $DB->query_first($sql);
        }

        // 获取某个角色对应某个组的所有权限
	function get_accesssmask($role_id, $group_id) {
		global $DB;
		if (!$role_id) {
			$role_id = $_SESSION['admininfo']['role_id'];
		}
		$sql = "SELECT * FROM roles2permission
				WHERE role_id='" . $role_id . "'
					AND group_id='$group_id'
				";
		$role = $DB->query_first($sql);
		return $role['mask'];
	}
	
}

?>
